Merge pull request #102 from coheigea/ARIES-1934
ARIES-1934 - Make sure jar/zip files are jailed to the destination di…
diff --git a/blueprint/blueprint-cm/src/main/java/org/apache/aries/blueprint/compendium/cm/CmPropertyPlaceholder.java b/blueprint/blueprint-cm/src/main/java/org/apache/aries/blueprint/compendium/cm/CmPropertyPlaceholder.java
index 840d3c6..1af990a 100644
--- a/blueprint/blueprint-cm/src/main/java/org/apache/aries/blueprint/compendium/cm/CmPropertyPlaceholder.java
+++ b/blueprint/blueprint-cm/src/main/java/org/apache/aries/blueprint/compendium/cm/CmPropertyPlaceholder.java
@@ -18,6 +18,7 @@
*/
package org.apache.aries.blueprint.compendium.cm;
+import java.util.Arrays;
import java.util.Dictionary;
import java.util.Enumeration;
import java.util.Properties;
@@ -40,7 +41,7 @@
private static final Logger LOGGER = LoggerFactory.getLogger(CmPropertyPlaceholder.class);
private ExtendedBlueprintContainer blueprintContainer;
- private ConfigurationAdmin configAdmin;
+ private ConfigurationAdmin configAdmin;
private String persistentId;
private String updateStrategy;
private ManagedObjectManager managedObjectManager;
@@ -154,10 +155,12 @@
if (v2 != null) {
return false;
}
- } else {
- if (!v1.equals(v2)) {
+ } else if (v1 instanceof Object[] && v2 instanceof Object[]) {
+ if (!Arrays.deepEquals((Object[]) v1, (Object[]) v2)) {
return false;
}
+ } else if (!v1.equals(v2)) {
+ return false;
}
}
return true;
diff --git a/blueprint/blueprint-parser/src/main/java/org/apache/aries/blueprint/parser/Parser.java b/blueprint/blueprint-parser/src/main/java/org/apache/aries/blueprint/parser/Parser.java
index 10a9b39..3afcf50 100644
--- a/blueprint/blueprint-parser/src/main/java/org/apache/aries/blueprint/parser/Parser.java
+++ b/blueprint/blueprint-parser/src/main/java/org/apache/aries/blueprint/parser/Parser.java
@@ -22,6 +22,7 @@
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.dom.DOMSource;
import javax.xml.validation.Schema;
import javax.xml.validation.Validator;
@@ -1461,6 +1462,12 @@
if (documentBuilderFactory == null) {
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
+ try {
+ dbf.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
+ dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
+ } catch (ParserConfigurationException ex) {
+ throw new ComponentDefinitionException("Unable to create the document builder", ex);
+ }
documentBuilderFactory = dbf;
}
return documentBuilderFactory;
diff --git a/esa-ant-task/src/main/java/org/apache/aries/ant/taskdefs/BundleSelector.java b/esa-ant-task/src/main/java/org/apache/aries/ant/taskdefs/BundleSelector.java
index 31793f8..75bdbe3 100755
--- a/esa-ant-task/src/main/java/org/apache/aries/ant/taskdefs/BundleSelector.java
+++ b/esa-ant-task/src/main/java/org/apache/aries/ant/taskdefs/BundleSelector.java
@@ -60,7 +60,7 @@
}
catch (Exception e) {
// nothing to do
- isValid = isValid && false;
+ isValid = false;
}
finally {
try {
diff --git a/jndi/jndi-core/src/main/java/org/apache/aries/jndi/ContextHelper.java b/jndi/jndi-core/src/main/java/org/apache/aries/jndi/ContextHelper.java
index e0b5a4d..4a69607 100644
--- a/jndi/jndi-core/src/main/java/org/apache/aries/jndi/ContextHelper.java
+++ b/jndi/jndi-core/src/main/java/org/apache/aries/jndi/ContextHelper.java
@@ -181,23 +181,24 @@
}
private static Optional<ContextProvider> getInitialContextUsingBuilder(BundleContext context,
- Hashtable<?, ?> environment) {
- for (ServiceReference<InitialContextFactoryBuilder> ref : Activator.getInitialContextFactoryBuilderServices()) {
- InitialContextFactoryBuilder builder = Activator.getService(context, ref);
- try {
- InitialContextFactory factory = builder.createInitialContextFactory(environment);
- if (factory != null) {
- return Optional.of(new SingleContextProvider(context, ref, factory.getInitialContext(environment)));
- }
- } catch (NamingException ne) {
- // ignore this, if the builder fails we want to move onto the next one
- logger.log(Level.FINE, "Exception caught", ne);
- } catch (NullPointerException npe) {
- logger.log(Level.SEVERE, "NPE caught in ContextHelper.getInitialContextUsingBuilder. context=" + context + " ref=" + ref);
- throw npe;
- }
- }
- return Optional.empty();
+ Hashtable<?, ?> environment) throws NamingException {
+
+ for (ServiceReference<InitialContextFactoryBuilder> ref : Activator.getInitialContextFactoryBuilderServices()) {
+ InitialContextFactoryBuilder builder = Activator.getService(context, ref);
+ InitialContextFactory factory=null;
+ try {
+ factory = builder.createInitialContextFactory(environment);
+ } catch (NamingException ne) {
+ // ignore this, if the builder fails we want to move onto the next one
+ logger.log(Level.FINE, "Exception caught", ne);
+ } catch (NullPointerException npe) {
+ logger.log(Level.SEVERE, "NPE caught in ContextHelper.getInitialContextUsingBuilder. context=" + context + " ref=" + ref);
+ throw npe;
+ }
+ if (factory != null) {
+ return Optional.of(new SingleContextProvider(context, ref, factory.getInitialContext(environment)));
+ }
+ }
+ return Optional.empty();
}
-
}
diff --git a/proxy/proxy-itests/pom.xml b/proxy/proxy-itests/pom.xml
index 39f22b9..81781b7 100644
--- a/proxy/proxy-itests/pom.xml
+++ b/proxy/proxy-itests/pom.xml
@@ -69,7 +69,7 @@
<groupId>org.apache.aries.proxy</groupId>
<artifactId>org.apache.aries.proxy</artifactId>
<scope>test</scope>
- <version>1.1.5-SNAPSHOT</version>
+ <version>1.1.7-SNAPSHOT</version>
</dependency>
<!-- pax exam -->
diff --git a/samples/ariestrader/modules/ariestrader-api/src/main/java/org/apache/aries/samples/ariestrader/api/persistence/MarketSummaryDataBean.java b/samples/ariestrader/modules/ariestrader-api/src/main/java/org/apache/aries/samples/ariestrader/api/persistence/MarketSummaryDataBean.java
index 13df51e..a5fff45 100644
--- a/samples/ariestrader/modules/ariestrader-api/src/main/java/org/apache/aries/samples/ariestrader/api/persistence/MarketSummaryDataBean.java
+++ b/samples/ariestrader/modules/ariestrader-api/src/main/java/org/apache/aries/samples/ariestrader/api/persistence/MarketSummaryDataBean.java
@@ -62,30 +62,30 @@
public String toString()
{
- String ret = "\n\tMarket Summary at: " + getSummaryDate()
- + "\n\t\t TSIA:" + getTSIA()
- + "\n\t\t openTSIA:" + getOpenTSIA()
- + "\n\t\t gain:" + getGainPercent()
- + "\n\t\t volume:" + getVolume()
- ;
+ StringBuilder ret = new StringBuilder();
+ ret.append("\n\tMarket Summary at: ").append(getSummaryDate())
+ .append("\n\t\t TSIA:").append(getTSIA())
+ .append("\n\t\t openTSIA:").append(getOpenTSIA())
+ .append("\n\t\t gain:").append(getGainPercent())
+ .append("\n\t\t volume:").append(getVolume());
if ( (getTopGainers()==null) || (getTopLosers()==null) )
- return ret;
- ret += "\n\t\t Current Top Gainers:";
+ return ret.toString();
+ ret.append("\n\t\t Current Top Gainers:");
Iterator it = getTopGainers().iterator();
while ( it.hasNext() )
{
QuoteDataBean quoteData = (QuoteDataBean) it.next();
- ret += ( "\n\t\t\t" + quoteData.toString() );
+ ret.append("\n\t\t\t").append(quoteData.toString());
}
- ret += "\n\t\t Current Top Losers:";
+ ret.append("\n\t\t Current Top Losers:");
it = getTopLosers().iterator();
while ( it.hasNext() )
{
QuoteDataBean quoteData = (QuoteDataBean) it.next();
- ret += ( "\n\t\t\t" + quoteData.toString() );
+ ret.append("\n\t\t\t").append(quoteData.toString());
}
- return ret;
+ return ret.toString();
}
public String toHTML()
{
diff --git a/transaction/transaction-blueprint/src/main/resources/org/apache/aries/transaction/parsing/transactionv20.xsd b/transaction/transaction-blueprint/src/main/resources/org/apache/aries/transaction/parsing/transactionv20.xsd
index 5f0e000..cc11435 100644
--- a/transaction/transaction-blueprint/src/main/resources/org/apache/aries/transaction/parsing/transactionv20.xsd
+++ b/transaction/transaction-blueprint/src/main/resources/org/apache/aries/transaction/parsing/transactionv20.xsd
@@ -26,7 +26,7 @@
<xsd:annotation>
<xsd:documentation>
<![CDATA[
- The <enable-annotations> element is used to enable annotation scanning for @Transactional annotations
+ The <enable> element is used to enable annotation scanning for @Transactional annotations
]]>
</xsd:documentation>
</xsd:annotation>